- Security Ops
We perform background and reference checks on all prospective employees and contractors as a part of the hiring process. All new hires must accept our Code of Conduct before they start. We encourage frequent and open communication internally on all aspects of an employee's performance.
We provide security awareness training to all employees at least once per year, covering all manner of topics, including how to identify and avoid phishing schemes, why and how to use a password manager, and even how to be secure in their own personal lives.
Identity Management and Access Controls
StrongDM employees and contractors may be granted access to systems and data, and always based upon their role within the organization. We federate identities wherever possible and have rigorous auditing within our own infrastructure and processes. Only authorized users can access systems and all access is done via the StrongDM platform itself.
We implement a high-availability, multi-zone deployment model to ensure maximum uptime. In the event of a regional outage, StrongDM has processes in place to quickly resume operations in another AWS region and/or zone to restore all functionality to customers within contracted SLAs.